
Authenticating through a firewall

Status
Not open for further replies.

jshurst

Can someone tell me how to configure my windows firewall on my domain controller to allow my other computer to authenticate onto the network? If I turn the firewall off on the domain controller then I can authenticate very quickly, if it is on then I can not gain access. Can someone tell me how to fix this?

Thanks in advance.
 
Hi,
1 - Where is the other computer? If it's on the same LAN segment why would you need to open any ports?
2 - If it's connecting over the internet (ADSL/ISDN etc) then a VPN tunnel would be better, in which case only the VPN port needs opening.

Anyway, back to your question -
Basic authentication on a network consists of several steps. First, the client locates a domain controller (DC), which requires DNS connectivity--port 53 on UDP and TCP. Next, the client performs a connectivity test by using a Lightweight Directory Access Protocol (LDAP) Ping--port 389 over UDP. Then, the client uses Kerberos (port 88 via UDP and TCP) and Server Message Block (SMB, port 445 via UDP and TCP) to complete the authentication to the DC. Therefore, you must enable all these ports.

Cheers
G
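
The port list from the reply above, written as Windows Firewall exceptions for the domain controller. This is an added example, not part of the original post; it assumes Windows Server 2003 SP1 or later (where the `netsh firewall` context exists), and the rule names are made up for illustration.

```bat
@echo off
rem Added example: open only the ports named in the reply above on the DC,
rem instead of turning Windows Firewall off.
rem scope=SUBNET limits each exception to hosts on the DC's own subnet.
rem Assumption: clients on another subnet need scope=CUSTOM with an
rem addresses= list instead; fill that in for your own network.

rem DNS (53), Kerberos (88) and SMB (445): TCP and UDP, as listed in the reply.
for %%P in (53 88 445) do (
  netsh firewall add portopening protocol=TCP port=%%P name="DC auth TCP %%P" mode=ENABLE scope=SUBNET
  netsh firewall add portopening protocol=UDP port=%%P name="DC auth UDP %%P" mode=ENABLE scope=SUBNET
)

rem LDAP ping: UDP 389 only, as listed in the reply.
netsh firewall add portopening protocol=UDP port=389 name="DC auth LDAP ping UDP 389" mode=ENABLE scope=SUBNET

rem Review the resulting exception list before testing a logon from the client.
netsh firewall show portopening
```

Each exception can be removed again with `netsh firewall delete portopening` using the same protocol and port.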

 
Ok thanks. I just found out that Windows Firewall does not block outbound traffic, and that just won't do, so I am going to go with Trend Micro's internet security.

I am on the same LAN. The computer in question is a laptop and therefore is connecting wirelessly. Thanks for the info, this will help.

The reason for this is there is a noticeable difference in logon times. When I disable the firewall I can log on in about a second. If it is turned on then it takes about 4 minutes. Also, the firewall on the server is preventing me from surfing the internet on the laptop.
 
Well, I got pc-cillin internet security 2005, only it won't install on server 2003. Can I make this work on server 2003 or do I need to get something else?
 
Sorry to say but you have bought a home network protector,

"Trend Micro™ PC-cillin™ Internet Security 2005 protects your PC and home network"

the network part of it is for small networks, 1-5 machines, not servers

looking at their web site you would need to splash out on the following programs to protect you!


hope this helps


"Research is what I'm doing when I don't know what I'm doing."
 
You're actually not on the same segment of the LAN.
If you're on wireless then more than likely your access point is performing NAT, and its WAN interface is on your LAN, but your wireless network is a different subnet.

Hence when Windows Firewall is on, it's gonna hinder or block entirely the access from that subnet. I am not sure why it's even letting you in, unless you're NOT using NAT and have set up a route table, not really possible on the low-end access points.

It might help if you set a static IP on the laptop for your wireless network and then forwarded LDAP to that IP in the filter set on your access point.

I am going on basic assumptions here, which would be correct unless you're using Cisco Aironets, ProSafe wireless, OfficeConnect 3Com etc.
 
The other method is if you're running ad hoc to a wireless adapter on the server, adapter to adapter,
and you're using the server as your gateway, and internet connection sharing etc.; you would be on the same segment there, subnet etc.

Then I would ask which OS you are using on that laptop, and I would expect the answer to be Windows 2000 Pro workstation, or Windows XP Professional. If not, then it's 95/98/ME, and when you set up your server you allowed non-Windows 2000 systems to access your server too, correct? If not, then that's your issue using those ancient Windows OS's.

If it's XP Home, you need to go upgrade to Pro, but I doubt you're using XP Home and posting here about domain access.
Let's hope not anyway.

So if you can answer some of those details, it would help isolate the issue with authentication to your domain.


Ad hoc wireless or AP wireless?
Network subnets/segments the same between laptop and server?
OS on the laptop?

XP Pro SP2, the firewall you're disabling is the one on the laptop? Or a firewall on the server?

Need to know that as well, since you mention a firewall in conjunction with a laptop, and another answer from someone else mentions that Trend Micro won't work on your server.

As to firewall choices... just go get ZoneAlarm in my opinion, you should be fine then.









 